个人中心
gpt4 book ai didi

microsoft-graph-api - 混合环境,404 使用内部部署邮箱,200 用于 Exchange Online

转载 作者:行者123 更新时间:2023-12-04 07:11:53 28 4
gpt4 key购买 nike

我编写了一个能够与 Exchange Online 帐户通信的应用程序,我目前正在尝试测试以查看使其与在混合中运行的本地帐户一起工作所需的步骤。

我有:

  • Windows Server 2012 R2
  • Exchange 2016 CU8(使用 /PrepareAD 运行)
  • /api/v2.0 的 Internet 可访问路径和 /autodiscover/autodiscover.json
  • 运行 HCW
  • AD Connect 正在运行
  • Active Directory 已同步到 Azure Active Directory
  • 我注册的应用程序的权限看起来不错(读取日历事件/读写日历事件)

    • 不幸的是,我收到了 404尝试访问日历事件时: 
    curl -v -H 'Content-Type: application/json' -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IkFRQUJBQUFBQUFCSGg0a21TX2FLVDVYcmp6eFJBdEh6RE1mbEZNYTYwaktGRHRhUXp0ZGVkM2V6Z0ZfUzlLMjdDRmQxSHlfZGdRcnR6WlJBczRDV095R3E1Vl9OZW9MSFNKTGpzblNCSDNCQU9oQnBzU18wVmlBQSIsImFsZyI6IlJTMjU2IiwieDV0IjoiU1NRZGhJMWNLdmhRRURTSnhFMmdHWXM0MFEwIiwia2lkIjoiU1NRZGhJMWNLdmhRRURTSnhFMmdHWXM0MFEwIn0.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8wODY1YjBhYi02ZjYwLTQzNjMtYTEwZi05NWU5ZTc5ZjlmODEvIiwiaWF0IjoxNTE4OTc5NzQ0LCJuYmYiOjE1MTg5Nzk3NDQsImV4cCI6MTUxODk4MzY0NCwiYWlvIjoiWTJOZ1lKRE0reDVXbGhWNUlrajUwbDB4THNacEFBPT0iLCJhcHBfZGlzcGxheW5hbWUiOiJIQy1XZWIiLCJhcHBpZCI6ImVkZjlkY2M0LThjNjAtNDg3ZS1hYmUyLTI4MjcyYTRlZGJlMCIsImFwcGlkYWNyIjoiMiIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzA4NjViMGFiLTZmNjAtNDM2My1hMTBmLTk1ZTllNzlmOWY4MS8iLCJvaWQiOiJkNTUzMTE2My01MTcxLTRmZjctYTNjMS04NWFlNzUzMjkzNTIiLCJyb2xlcyI6WyJNYWlsLlJlYWRXcml0ZSIsIkNvbnRhY3RzLlJlYWRXcml0ZSIsIkRpcmVjdG9yeS5SZWFkLkFsbCIsIk1haWwuUmVhZCIsIkNhbGVuZGFycy5SZWFkV3JpdGUiXSwic3ViIjoiZDU1MzExNjMtNTE3MS00ZmY3LWEzYzEtODVhZTc1MzI5MzUyIiwidGlkIjoiMDg2NWIwYWItNmY2MC00MzYzLWExMGYtOTVlOWU3OWY5ZjgxIiwidXRpIjoiNkxJT3g1bWQ4ay05ajhBUUtiY2hBQSIsInZlciI6IjEuMCJ9.AWt_ANsH8sk15WeH1AgD6SD0Ki8VILMvzkbSMju_YFGKc5cVkrGp7Skzt64uDM8rI6Py5Y-1c3srXwON2oSihkRskfz5vG4nIlbFnuYd3Ij2Vz1ktpNnCeMAnAK2T8ifk2visRSvchRbuBNZZyamwRjActdDF9BS8NygUgmmygK4mPjOIab17PJPz5PisvRbCA2jBLWLvbu9RYrLH-xGuoLd2PLTbsn2WSVi3er4XztZCcK7XfVWe-0wjrV6qBufd5z0hH_KpQLdzPtLOzSUGUAcXGa0mBPceTWULQvQ-LPcAJO57F0ir5k22fWzlkOfUxQb9eGWREUm1cAPWk3CPw" "https://graph.microsoft.com/v1.0/users/oq@healthcentrified.co.uk/calendar/events"
    *   Trying 137.116.241.64...
    * Connected to graph.microsoft.com (137.116.241.64) port 443 (#0)
    * found 148 certificates in /etc/ssl/certs/ca-certificates.crt
    * found 592 certificates in /etc/ssl/certs
    * ALPN, offering http/1.1
    * SSL connection using TLS1.2 / ECDHE_RSA_AES_256_CBC_SHA384
    *        server certificate verification OK
    *        server certificate status verification SKIPPED
    *        common name: graph.microsoft.com (matched)
    *        server certificate expiration date OK
    *        server certificate activation date OK
    *        certificate public key: RSA
    *        certificate version: #3
    *        subject: C=US,ST=WA,L=Redmond,O=Microsoft Corporation,OU=Microsoft Corporation,CN=graph.microsoft.com
    *        start date: Wed, 03 Jan 2018 17:32:18 GMT
    *        expire date: Fri, 03 Jan 2020 17:32:18 GMT
    *        issuer: C=US,ST=Washington,L=Redmond,O=Microsoft Corporation,OU=Microsoft IT,CN=Microsoft IT TLS CA 4
    *        compression: NULL
    * ALPN, server did not agree to a protocol
    > GET /v1.0/users/oq@healthcentrified.co.uk/calendar/events HTTP/1.1
    > Host: graph.microsoft.com
    > User-Agent: curl/7.47.0
    > Accept: */*
    > Content-Type: application/json
    > Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IkFRQUJBQUFBQUFCSGg0a21TX2FLVDVYcmp6eFJBdEh6RE1mbEZNYTYwaktGRHRhUXp0ZGVkM2V6Z0ZfUzlLMjdDRmQxSHlfZGdRcnR6WlJBczRDV095R3E1Vl9OZW9MSFNKTGpzblNCSDNCQU9oQnBzU18wVmlBQSIsImFsZyI6IlJTMjU2IiwieDV0IjoiU1NRZGhJMWNLdmhRRURTSnhFMmdHWXM0MFEwIiwia2lkIjoiU1NRZGhJMWNLdmhRRURTSnhFMmdHWXM0MFEwIn0.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8wODY1YjBhYi02ZjYwLTQzNjMtYTEwZi05NWU5ZTc5ZjlmODEvIiwiaWF0IjoxNTE4OTc5NzQ0LCJuYmYiOjE1MTg5Nzk3NDQsImV4cCI6MTUxODk4MzY0NCwiYWlvIjoiWTJOZ1lKRE0reDVXbGhWNUlrajUwbDB4THNacEFBPT0iLCJhcHBfZGlzcGxheW5hbWUiOiJIQy1XZWIiLCJhcHBpZCI6ImVkZjlkY2M0LThjNjAtNDg3ZS1hYmUyLTI4MjcyYTRlZGJlMCIsImFwcGlkYWNyIjoiMiIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzA4NjViMGFiLTZmNjAtNDM2My1hMTBmLTk1ZTllNzlmOWY4MS8iLCJvaWQiOiJkNTUzMTE2My01MTcxLTRmZjctYTNjMS04NWFlNzUzMjkzNTIiLCJyb2xlcyI6WyJNYWlsLlJlYWRXcml0ZSIsIkNvbnRhY3RzLlJlYWRXcml0ZSIsIkRpcmVjdG9yeS5SZWFkLkFsbCIsIk1haWwuUmVhZCIsIkNhbGVuZGFycy5SZWFkV3JpdGUiXSwic3ViIjoiZDU1MzExNjMtNTE3MS00ZmY3LWEzYzEtODVhZTc1MzI5MzUyIiwidGlkIjoiMDg2NWIwYWItNmY2MC00MzYzLWExMGYtOTVlOWU3OWY5ZjgxIiwidXRpIjoiNkxJT3g1bWQ4ay05ajhBUUtiY2hBQSIsInZlciI6IjEuMCJ9.AWt_ANsH8sk15WeH1AgD6SD0Ki8VILMvzkbSMju_YFGKc5cVkrGp7Skzt64uDM8rI6Py5Y-1c3srXwON2oSihkRskfz5vG4nIlbFnuYd3Ij2Vz1ktpNnCeMAnAK2T8ifk2visRSvchRbuBNZZyamwRjActdDF9BS8NygUgmmygK4mPjOIab17PJPz5PisvRbCA2jBLWLvbu9RYrLH-xGuoLd2PLTbsn2WSVi3er4XztZCcK7XfVWe-0wjrV6qBufd5z0hH_KpQLdzPtLOzSUGUAcXGa0mBPceTWULQvQ-LPcAJO57F0ir5k22fWzlkOfUxQb9eGWREUm1cAPWk3CPw
    >
    < HTTP/1.1 404 Not Found
    < Cache-Control: private
    < Transfer-Encoding: chunked
    < Content-Type: text/plain
    < request-id: f499015e-325b-45e8-9716-0a8a7160b82d
    < client-request-id: f499015e-325b-45e8-9716-0a8a7160b82d
    < x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"North Europe","Slice":"SliceA","Ring":"3","ScaleUnit":"003","Host":"AGSFE_IN_0","ADSiteName":"DUB"}}
    < Duration: 1764.3754
    < Date: Sun, 18 Feb 2018 19:18:28 GMT
    <
    * Connection #0 to host graph.microsoft.com left intact

    如果我对已迁移到 Exchange Online 的邮箱执行类似的请求,这会起作用(我收到 HTTP 200 和 JSON 格式的事件列表)

    Office 365 支持不确定在这里做什么(这可能超出了他们的范围)。

    documentation says that it is in preview ,但是,应该仍然有效

    Microsoft Graph has always provided access to customer mailboxes in the cloud on Exchange Online as part of Office 365. Exchange 2016 Cumulative Update 3 (CU3), released in September 2016 for Exchange on-premises servers, adds support for REST API integration with Office 365. If your app uses v1.0 of the Mail, Calendar, or Contacts API, you will now also find a seamless authentication and application experience in hybrid deployments, regardless of whether the mailbox is on-premises or in the cloud, provided that the deployment meets specific requirements.

    Behind the scenes, when Microsoft Graph identifies that a REST API call is attempting to access an on-premises mailbox in a hybrid deployment, it proxies the REST request to an on-premises REST endpoint which then processes the request. This discovery makes accessing the REST API possible.



    我将声明我的 Windows 经验非常有限,这是我第一次尝试使用 Windows 服务器做任何事情,但是,缺乏关于这种情况的文档,因为这可能是许多大型企业组织想要做的事情。

    有什么明显的错误吗?

    更新

    Rasmus 问我是否有任何请求发送到我的 Web 服务器,而我可以在 /rpc 上看到大量流量。我一无所获 autodiscover.json以及对 /API 的唯一请求是 
    2018-02-25 18:58:24 ::1 
    GET /api/v1.0/users/HealthMailboxda9cb9ff7af047cf9878a9b7be391e14@healthcentrified.co.uk/Messages 
    $top=1
    &request_id=4f17c7a2-f753-46f7-853d-36f7a5281932 444 
    - ::1 Odata_AM_Probe/Local - 401 0 0 0

    和其他人从这个用户代理到这个邮箱

    最佳答案

    我已经在 https://jwt.ms 上检查了您的 token 并发现它是来自客户端凭据流的应用程序 token 。这不是开箱即用的,但今天我发现您可以在内部交换环境中启用这些 token 。

    请参阅我在这篇文章中的回答:https://stackoverflow.com/a/56131954/639153

    原答案 here

    关于microsoft-graph-api - 混合环境,404 使用内部部署邮箱,200 用于 Exchange Online,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48872571/

    28 4 0
    文章推荐: ionic-framework - 如何使用 Cordova 在应用中安装 Facebook Pixel 并跟踪转化?
    文章推荐: firebase-storage - 它是一种在 Firebase 存储中备份数据的方法吗?
    文章推荐: asp.net - 从用户控件访问父页面属性
    文章推荐: ansible - 在 Ansible 中获取符号链接(symbolic link)目标的完整路径
    行者123
    个人简介

    我是一名优秀的程序员,十分优秀!

    滴滴打车优惠券免费领取
    滴滴打车优惠券
    Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
    广告合作:1813099741@qq.com 6ren.com